deliveryman/deliveryman-api
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

更新微信支付相关代码。

Browse Source
This commit is contained in:
aaron 2025-01-17 17:09:28 +08:00
parent 23945c0b10
commit 648eda8b80
4 changed files with 103 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
app/api/endpoints/wechat.py
View File

@ -4,7 +4,7 @@ from app.models.database import get_db
from app.models.user import UserInfo,UserDB, PhoneLoginRequest, generate_user_code from app.models.user import UserInfo,UserDB, PhoneLoginRequest, generate_user_code
from app.models.order import ShippingOrderDB, OrderStatus from app.models.order import ShippingOrderDB, OrderStatus
from app.core.response import success_response, error_response, ResponseModel from app.core.response import success_response, error_response, ResponseModel
from app.core.wechat import WeChatClient, get_wechat_pay_client from app.core.wechat import WeChatClient
from app.core.security import create_access_token, set_jwt_cookie from app.core.security import create_access_token, set_jwt_cookie
from pydantic import BaseModel from pydantic import BaseModel
import json import json
@ -18,7 +18,7 @@ import string
router = APIRouter() router = APIRouter()
class PhoneNumberRequest(BaseModel): class PhoneNumberRequest(BaseModel):
code: str # 手机号获取凭证 code: str # 登录凭证
referral_code: str = None # 推荐码(可选) referral_code: str = None # 推荐码(可选)
@router.post("/phone-login", response_model=ResponseModel) @router.post("/phone-login", response_model=ResponseModel)
@ -32,6 +32,10 @@ async def wechat_phone_login(
# 初始化微信客户端 # 初始化微信客户端
wechat = WeChatClient() wechat = WeChatClient()
# 获取用户 openid
session_info = await wechat.code2session(request.code)
openid = session_info["openid"]
# 获取用户手机号 # 获取用户手机号
phone_info = await wechat.get_phone_number(request.code) phone_info = await wechat.get_phone_number(request.code)
@ -50,10 +54,11 @@ async def wechat_phone_login(
username=f"user_{phone[-4:]}", username=f"user_{phone[-4:]}",
phone=phone, phone=phone,
user_code=user_code, user_code=user_code,
referral_code=request.referral_code referral_code=request.referral_code,
openid=openid # 保存 openid
) )
db.add(user) db.add(user)
db.flush() # 获取用户ID db.flush()
# 发放优惠券 # 发放优惠券
from app.api.endpoints.user import issue_register_coupons from app.api.endpoints.user import issue_register_coupons
@ -61,6 +66,10 @@ async def wechat_phone_login(
db.commit() db.commit()
db.refresh(user) db.refresh(user)
else:
# 更新现有用户的 openid
user.openid = openid
db.commit()
# 创建访问令牌 # 创建访问令牌
access_token = create_access_token( access_token = create_access_token(

4
app/core/config.py
View File

@ -6,6 +6,8 @@ class Settings(BaseSettings):
API_V1_STR: str = "/api/v1" API_V1_STR: str = "/api/v1"
PROJECT_NAME: str = "FastAPI 项目" PROJECT_NAME: str = "FastAPI 项目"
API_BASE_URL: str = "https://api.beefast.co"
# 订单价格配置 # 订单价格配置
ORDER_BASE_PRICE: float = 3.0 # 基础费用 ORDER_BASE_PRICE: float = 3.0 # 基础费用
ORDER_EXTRA_PACKAGE_PRICE: float = 0.5 # 额外包裹费用 ORDER_EXTRA_PACKAGE_PRICE: float = 0.5 # 额外包裹费用
@ -61,6 +63,8 @@ class Settings(BaseSettings):
WECHAT_MCH_ID: str = "1688852888" WECHAT_MCH_ID: str = "1688852888"
WECHAT_PRIVATE_KEY_PATH: str = "app/core/wechat_private_key.pem" WECHAT_PRIVATE_KEY_PATH: str = "app/core/wechat_private_key.pem"
WECHAT_CERT_SERIAL_NO: str = "1688852888" WECHAT_CERT_SERIAL_NO: str = "1688852888"
WECHAT_API_V3_KEY: str = "your-api-v3-key" # API v3密钥
WECHAT_PLATFORM_CERT_PATH: str = "app/core/wechat_platform_cert.pem" # 平台证书路径
class Config: class Config:
case_sensitive = True case_sensitive = True

82
app/core/wechat.py
View File

@ -9,6 +9,8 @@ import base64
import time import time
import random import random
import string import string
from cryptography.x509 import load_pem_x509_certificate
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
def generate_random_string(length=32): def generate_random_string(length=32):
"""生成指定长度的随机字符串""" """生成指定长度的随机字符串"""
@ -25,6 +27,8 @@ class WeChatClient:
self.private_key = self._load_private_key() self.private_key = self._load_private_key()
self.cert_serial_no = settings.WECHAT_CERT_SERIAL_NO self.cert_serial_no = settings.WECHAT_CERT_SERIAL_NO
self.access_token = None self.access_token = None
self.api_v3_key = settings.WECHAT_API_V3_KEY
self.platform_cert = self._load_platform_cert()
def _load_private_key(self): def _load_private_key(self):
"""加载商户私钥""" """加载商户私钥"""
@ -34,6 +38,12 @@ class WeChatClient:
password=None password=None
) )
def _load_platform_cert(self):
"""加载微信支付平台证书"""
with open(settings.WECHAT_PLATFORM_CERT_PATH, 'rb') as f:
cert_data = f.read()
return load_pem_x509_certificate(cert_data)
def sign(self, data: bytes) -> str: def sign(self, data: bytes) -> str:
"""签名数据""" """签名数据"""
signature = self.private_key.sign( signature = self.private_key.sign(
@ -133,3 +143,75 @@ class WeChatClient:
raise Exception(f"微信支付下单失败: {resp.json().get('message')}") raise Exception(f"微信支付下单失败: {resp.json().get('message')}")
return resp.json() return resp.json()
async def code2session(self, code: str) -> dict:
"""通过 code 获取用户 openid
Args:
code: 登录凭证
Returns:
dict: 包含 openid 等信息
"""
async with aiohttp.ClientSession() as session:
url = "https://api.weixin.qq.com/sns/jscode2session"
params = {
"appid": self.appid,
"secret": self.secret,
"js_code": code,
"grant_type": "authorization_code"
}
async with session.get(url, params=params) as response:
result = await response.json()
if "openid" in result:
return result
raise Exception(result.get("errmsg", "获取openid失败"))
def verify_signature(self, message: bytes, signature: str, serial_no: str) -> bool:
"""验证微信支付回调签名
Args:
message: 待验证的消息
signature: 签名字符串
serial_no: 证书序列号
"""
if serial_no != self.cert_serial_no:
return False
try:
# 解码签名
signature_bytes = base64.b64decode(signature)
# 使用公钥验证签名
self.platform_cert.public_key().verify(
signature_bytes,
message,
padding.PKCS1v15(),
hashes.SHA256()
)
return True
except Exception:
return False
def decrypt_callback(self, associated_data: str, nonce: str, ciphertext: str) -> str:
"""解密回调数据
Args:
associated_data: 附加数据
nonce: 随机串
ciphertext: 密文
Returns:
解密后的明文
"""
# 解码密文
encrypted_data = base64.b64decode(ciphertext)
# 使用 AEAD_AES_256_GCM 算法解密
aesgcm = AESGCM(base64.b64decode(self.api_v3_key))
data = aesgcm.decrypt(
nonce.encode(),
encrypted_data,
associated_data.encode()
)
return data.decode()

2
app/models/user.py
View File

@ -25,6 +25,7 @@ class UserDB(Base):
__tablename__ = "users" __tablename__ = "users"
userid = Column(Integer, primary_key=True,autoincrement=True, index=True) userid = Column(Integer, primary_key=True,autoincrement=True, index=True)
openid = Column(String(64), unique=True, nullable=True)
username = Column(String(50)) username = Column(String(50))
phone = Column(String(11), unique=True, index=True) phone = Column(String(11), unique=True, index=True)
user_code = Column(String(6), unique=True, nullable=False) user_code = Column(String(6), unique=True, nullable=False)
@ -46,6 +47,7 @@ class UserLogin(BaseModel):
class UserInfo(BaseModel): class UserInfo(BaseModel):
userid: int userid: int
openid: str
username: str username: str
phone: str phone: str
user_code: str user_code: str